text

CHANGELOG.md

@@ -3,6 +3,7 @@ All notable changes to this project will be documented in this file.
 This project uses the changelog in accordance with [keepchangelog](http://keepachangelog.com/). Please use this to write notable changes, which is not the same as git commit log...
 
 ## [unreleased][unreleased]
+ - Added `lf idteck clone` - now supports creating using raw values (@iceman1001)
  - Changed calypso scripts to work with NG (@iceman1001)
  - Changed HF 14b - fixed timings on device side (@iceman1001)
  - Changed `hf 14b raw` - now uses NG (@iceman1001)

client/src/cmdlfem4x05.h

@@ -44,6 +44,7 @@
 #define EM4305_MOTOROLA_CONFIG_BLOCK     (EM4x05_SET_BITRATE(32) | EM4x05_MODULATION_PSK1 | EM4x05_PSK_RF_2 | EM4x05_SET_NUM_BLOCKS(2) ) // PSK1, data rate 32, 2 data blocks
 #define EM4305_NEXWATCH_CONFIG_BLOCK     (EM4x05_SET_BITRATE(64) | EM4x05_MODULATION_PSK1 | EM4x05_PSK_RF_2 | EM4x05_SET_NUM_BLOCKS(3) ) // PSK1 data rate 16, psk carrier FC * 2, 3 data blocks
 #define EM4305_KERI_CONFIG_BLOCK         (EM4x05_SET_BITRATE(64) | EM4x05_MODULATION_PSK1 | EM4x05_PSK_RF_2 | EM4x05_SET_NUM_BLOCKS(2) ) // PSK1, 2 data blocks
+#define EM4305_IDTECK_CONFIG_BLOCK       (EM4x05_SET_BITRATE(32) | EM4x05_MODULATION_PSK1 | EM4x05_PSK_RF_2 | EM4x05_SET_NUM_BLOCKS(2) ) // PSK1, 2 data blocks
 
 #define EM4305_JABLOTRON_CONFIG_BLOCK    (EM4x05_SET_BITRATE(64) | EM4x05_MODULATION_BIPHASE | EM4x05_SET_NUM_BLOCKS(2) ) // Biphase, data rate 64, 2 data blocks
 #define EM4305_GUARDPROXII_CONFIG_BLOCK  (EM4x05_SET_BITRATE(64) | EM4x05_MODULATION_BIPHASE | EM4x05_SET_NUM_BLOCKS(3) ) // Biphase, data rate 64, Direct modulation, 3 data blocks

client/src/cmdlfidteck.c

@@ -22,6 +22,8 @@
 #include "commonutil.h"  // num_to_bytes
 #include "cliparser.h"
 #include "cmdlfem4x05.h" // EM defines
+#include "protocols.h"   // T55x7 defines
+#include "cmdlft55xx.h"  // verifywrite
 
 static int CmdHelp(const char *Cmd);
 
@@ -101,6 +103,71 @@ static int CmdIdteckDemod(const char *Cmd) {
     return demodIdteck(true);
 }
 
+static int CmdIdteckClone(const char *Cmd) {
+    CLIParserContext *ctx;
+    CLIParserInit(&ctx, "lf idteck clone",
+                  "clone a Idteck tag to T55x7 or Q5/T5555 tag\n"
+                  "Tag must be on the antenna when issuing this command.",
+                  "lf idteck clone --raw 4944544B351FBE4B"
+                 );
+    void *argtable[] = {
+        arg_param_begin,
+        arg_strx0("r", "raw", "<hex>", "raw bytes"),
+        arg_lit0(NULL, "q5", "optional - specify writing to Q5/T5555 tag"),
+        arg_lit0(NULL, "em", "optional - specify writing to EM4305/4469 tag"),
+        arg_param_end
+    };
+    CLIExecWithReturn(ctx, Cmd, argtable, false);
+
+    int raw_len = 0;
+    uint8_t raw[8] = {0};
+    CLIGetHexWithReturn(ctx, 1, raw, &raw_len);
+
+    bool q5 = arg_get_lit(ctx, 2);
+    bool em = arg_get_lit(ctx, 3);
+    CLIParserFree(ctx);
+
+    if (q5 && em) {
+        PrintAndLogEx(FAILED, "Can't specify both Q5 and EM4305 at the same time");
+        return PM3_EINVARG;
+    }
+
+    uint32_t blocks[3] = {T55x7_MODULATION_PSK1 | T55x7_BITRATE_RF_32 | 2 << T55x7_MAXBLOCK_SHIFT, 0, 0};
+    char cardtype[16] = {"T55x7"};
+
+    // Q5
+    if (q5) {
+        blocks[0] = T5555_FIXED | T55x7_MODULATION_PSK1 |  T5555_SET_BITRATE(32) | 2 << T5555_MAXBLOCK_SHIFT;
+        snprintf(cardtype, sizeof(cardtype), "Q5/T5555");
+    }
+
+    if (em) {
+        blocks[0] = EM4305_IDTECK_CONFIG_BLOCK;
+        snprintf(cardtype, sizeof(cardtype), "EM4305/4469");
+    }
+        
+    for (uint8_t i = 1; i < ARRAYLEN(blocks); i++) {
+        blocks[i] = bytes_to_num(raw + ((i - 1) * 4), sizeof(uint32_t));
+    }
+
+    // config for Indala 64 format (RF/32;PSK1 with RF/2;Maxblock=2)
+    PrintAndLogEx(INFO, "Preparing to clone Idteck to " _YELLOW_("%s") " raw " _GREEN_("%s")
+                    , cardtype
+                    , sprint_hex_inrow(raw, raw_len)
+                    );
+    print_blocks(blocks,  ARRAYLEN(blocks));
+
+    int res;
+    if (em) {
+        res = em4x05_clone_tag(blocks, ARRAYLEN(blocks), 0, false);
+    } else {
+        res = clone_t55xx_tag(blocks, ARRAYLEN(blocks));
+    }
+    PrintAndLogEx(SUCCESS, "Done");
+    PrintAndLogEx(HINT, "Hint: try " _YELLOW_("`lf idteck reader`") " to verify");
+    return res;
+}
+
 static int CmdIdteckReader(const char *Cmd) {
     CLIParserContext *ctx;
     CLIParserInit(&ctx, "lf idteck reader",
@@ -133,6 +200,7 @@ static command_t CommandTable[] = {
     {"help",    CmdHelp,         AlwaysAvailable, "This help"},
     {"demod",   CmdIdteckDemod,  AlwaysAvailable, "demodulate an Idteck tag from the GraphBuffer"},
     {"reader",  CmdIdteckReader, IfPm3Lf,         "attempt to read and extract tag data"},
+    {"clone",   CmdIdteckClone,  IfPm3Lf,         "clone ioProx tag to T55x7 or Q5/T5555"},
     {NULL, NULL, NULL, NULL}
 };
 
@@ -148,7 +216,6 @@ int CmdLFIdteck(const char *Cmd) {
 }
 
 // Find IDTEC PSK1, RF  Preamble == 0x4944544B, Demodsize 64bits
-// by iceman
 int detectIdteck(uint8_t *dest, size_t *size) {
     //make sure buffer has data
     if (*size < 64 * 2) return -1;

client/src/cmdlfio.c

@@ -256,7 +256,8 @@ static int CmdIOProxClone(const char *Cmd) {
 
     CLIParserContext *ctx;
     CLIParserInit(&ctx, "lf io clone",
-                  "Enables simulation of ioProx card with specified facility-code and card number.\n"
+                  "clone a ioProx card with specified facility-code and card number\n"
+                  "to a T55x7, Q5/T5555 or EM4305/4469 tag.\n"
                   "Tag must be on the antenna when issuing this command.",
                   "lf io clone --vn 1 --fc 101 --cn 1337"
                  );

client/src/cmdlfjablotron.c

@@ -152,7 +152,8 @@ static int CmdJablotronClone(const char *Cmd) {
 
     CLIParserContext *ctx;
     CLIParserInit(&ctx, "lf jablotron clone",
-                  "clone a Jablotron tag to a T55x7, Q5/T5555 or EM4305/4469 tag.",
+                  "clone a Jablotron tag to a T55x7, Q5/T5555 or EM4305/4469 tag.\n"
+                  "Tag must be on the antenna when issuing this command.",
                   "lf jablotron clone --cn 01b669\n"
                   "lf jablotron clone --q5 --cn 01b669 -> encode for Q5/T5555 tag\n"
                   "lf jablotron clone --em --cn 01b669 -> encode for EM4305/4469"

client/src/cmdlft55xx.c

@@ -1945,7 +1945,7 @@ static void printT5x7KnownBlock0(uint32_t b0) {
             snprintf(s + strlen(s), sizeof(s) - strlen(s), "Pyramid ");
             break;
         case T55X7_INDALA_64_CONFIG_BLOCK:
-            snprintf(s + strlen(s), sizeof(s) - strlen(s), "Indala 64, Motorola");
+            snprintf(s + strlen(s), sizeof(s) - strlen(s), "Indala 64, Motorola, Idteck");
             break;
         case T55X7_INDALA_224_CONFIG_BLOCK:
             snprintf(s + strlen(s), sizeof(s) - strlen(s), "Indala 224 ");

client/src/cmdlft55xx.h

@@ -52,6 +52,7 @@
 #define T55X7_MOTOROLA_CONFIG_BLOCK     0x00081040  // PSK1, data rate 32, 2 data blocks
 #define T55X7_NEXWATCH_CONFIG_BLOCK     0x00081060  // PSK1 data rate 16, psk carrier FC * 2, 3 data blocks
 #define T55X7_KERI_CONFIG_BLOCK         0x603E1040  // PSK1, 2 data blocks
+#define T55X7_IDTECK_CONFIG_BLOCK       0x00081040  // PSK1, data rate 32, 2 data blocks
 
 #define T55X7_JABLOTRON_CONFIG_BLOCK    0x00158040  // Biphase, data rate 64, 2 data blocks
 #define T55X7_GUARDPROXII_CONFIG_BLOCK  0x00150060  // Biphase, data rate 64, Direct modulation, 3 data blocks